At 11:46 AM -0400 9/11/09, Marcus Wong wrote:
Hi Everyone,
I'm new to the working group. I've uploaded a draft on the use of notify
payload for integrity data exchanges in IKEv2 for your comments and review.
All comments are highly appreciated. Thanks everyone.
A new version of I-D, draft-wong-ipsecme-ikev2-integrity-data-00.txt has
been successfuly submitted by Marcus Wong and posted to the IETF repository.
Filename: draft-wong-ipsecme-ikev2-integrity-data
Revision: 00
Title: Integrity Data Exchanges in IKEv2
Creation_date: 2009-09-11
WG ID: Independent Submission
Number_of_pages: 9
Abstract:
IKEv2 supports mutual authentication of the peers but does not support
platform integrity validation of the peers nor does it support the exchange
of data related to the platform integrity validation. This extension allows
platform integrity validation data to be exchanged from one peer (initiator)
to another (respondent), allowing the other peer to either use the data for
statistical analysis, pass it along to a validation entity for validation or
pass it along to a Fraud Information Gathering System for fraud detection or
analysis.
I have mot read you I-D, but this sounds like a NEA issue being
pushed into an IPsec protocol. Am I wrong?
Steve
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
